A device is personalized for subscription to a fee service by being provided with a unique identity upon initialization of the service. It is desirable to personalize the remote device from a central site in systems such as cellular telephone systems, cable telephone systems, networks and other communication systems, to ease distribution and provide flexibility in installation. It is further desirable to protect these credentials against interception during transmission to the legitimate device. For example, it is desirable to prevent "pirates" from downloading the credentials to other "blank" devices thereby enabling these other devices to masquerade as the legitimate device when accessing fee services.
One proposed solution to this fraud problem is for the service provider to give a secret number to each legitimate device upon activation of a fee subscription. Later, when the device attempts to gain system access, it must prove that it has the secret number without revealing it over the air. This process is called "authentication". Protocols for authentication exist in many systems. For example, cellular systems, including the Global System for Mobile Communications (GSM), the United States Digital Cellular (USDC) system, and the Digital European Cordless Telecommunications (DECT) systems, have such protocols. In these systems, the remote device is a phone.
One of the difficulties to be overcome when implementing authentication is the problem of providing the remote device with a secret number. In GSM, a smart card containing the secret number is given to the subscriber. The subscriber must physically insert it into the phone by means of a specially-designed slot. Although smart cards insure that the phone has the correct secret number, they introduce the need for a complex mechanical and electrical interface. Furthermore, it limits the size, form factor, and ultimately the cost, of the phone.
Another proposal is for the subscriber to manually enter the secret number into the remote device, such as a telephone handset using its keypad. This method has been slow to gain acceptance, due to a perceived user inconvenience. Additionally, many devices, such as cable boxes and pagers do not have a keypad. Requiring a keypad in such devices will increase their cost and possibly their size.
It has also been proposed to use remote service provisioning, such as "over-the-air" service provisioning (OTASP), to initialize a fee subscription service. By means of a suitable protocol, it is possible for a service provider to remotely program a blank remote device without any direct interaction by the service shop or retailer. One of the components of the information conveyed is the secret number, called the "A-key", used for authentication. The use of a public key exchange insures that the air, line or cable interface transactions are not vulnerable to simple eavesdropping and subsequent misuse of the secure information conveyed.
Although the public key exchange is impervious to simple interception, it is vulnerable to a so-called "man-in-the-middle" attack. In such an attack, an intruder breaks into the communications link at precisely the "right" time to read and insert messages. A successful man-in-the-middle can deceive both the phone and the service provider into thinking that they are talking to each other when in reality each side is talking to the intruder. If the man-in-the-middle attack is discovered, action can be taken to defeat the attack. Thus to succeed, the intruder must gain access to the "A-key" without the knowledge of either side.
It is desirable to provide protection by identifying the presence of an intruder in the communication link.